forcing FTP-uploaded files to be of certain types only

Mon Jul 17 18:24:31 UTC 2006

понеділок 17 липень 2006 14:09, David J. Orman написав:
> That could lead to many DoS attacks, high load, etc - but as you said you
> trust the users, I suspect this is not an issue to you. I personally code
> with security in mind no matter the situation, but you decide what is best
> for you. :)

Well, it is not hard to compress 100K (that are still in RAM) on a modern CPU. 
And we can just as well try 8K. It is, probably, easier, than to, say, look 
up an article in a database -- something web-servers do many times per 
second :-) Our FTP uploads happen far less often -- only 10-20 times per 
day...

The probability of a DoS of the full filesystem is far more likely (actually 
happened a few times), than the DoS of overloading the CPU (and inetd takes 
care of not starting too many too often).

Thanks a lot for your recommendations!

	-mi